Michael Haag
976f3ba40f
Adds
Security software discovery
system time discovery
2017-11-01 16:02:40 -07:00
caseysmithrc
1e1ae19a33
certutil encode/decode
2017-11-01 16:52:46 -06:00
caseysmithrc
e5236e6146
Merge pull request #10 from redcanaryco/dev-mh
Dev mh
2017-10-31 14:14:33 -06:00
Michael Haag
be85bb6afe
Discovery bat
+ Added reg queries to payload.
2017-10-31 12:58:40 -07:00
Michael Haag
66c37e8b53
Evasion and exfil
+ Added wevtutil and fsutil per what was used recently by BadBuddy Ransomware.
+ Added 2 ways to compress data with PowerShell and rar.
2017-10-31 12:56:52 -07:00
caseysmithrc
480a201741
Merge pull request #7 from redcanaryco/Readme-mh
ReadMe Updates
2017-10-19 16:35:04 -06:00
Michael Haag
402b93eba8
Moved matrices
Moved to the top for easy access
2017-10-19 13:32:26 -07:00
Michael Haag
8dab533558
Readme link adds
Added Roberto Website and spreadsheet links
2017-10-19 13:30:14 -07:00
Michael Haag
59bbfe86b9
Readme Update
Overhauled Readme
2017-10-19 13:27:16 -07:00
Michael Haag
b144a64e43
Merge pull request #6 from redcanaryco/Collection
Updated Windows Matrix
2017-10-17 15:11:19 -07:00
Michael Haag
59722275f6
Updated Windows Matrix
+ Added Clipboard Data
2017-10-17 15:09:43 -07:00
caseysmithrc
0ad43f6b67
Merge pull request #5 from redcanaryco/Collection
Windows - Collection
2017-10-17 13:46:05 -06:00
Michael Haag
cf3f201c94
Fix
+ Line breaks
2017-10-17 11:55:57 -07:00
Michael Haag
3c17d14b37
Fixed Clipboard
+ Missing clip and made it completely compatible with powershell only now. No need to be in cmd.exe to start this.
2017-10-16 13:19:20 -07:00
caseysmithrc
6b23f04277
Merge pull request #4 from redcanaryco/mac-defense-evasion
Submitting two new Mac techniques
2017-10-13 14:57:50 -06:00
Keith McCammon
8342c241e6
Corrected tabstop
2017-10-13 14:25:18 -06:00
Keith McCammon
ee6ed4ea1c
Submitting two new Mac techniques
- Clear Command History
- Gatekeeper Bypass
2017-10-13 14:21:31 -06:00
caseysmithrc
6966598a1f
Merge pull request #3 from mgreen27/patch-1
small change
2017-10-13 08:15:10 -06:00
Matthew Green
cfa399357b
small change
2017-10-13 23:26:09 +11:00
Michael Haag
34dd80d94b
Initial Commit
+ Audio Capture
+ Automated Collection
+ Input Capture
+ collection bat
+ Payload
+ Updated Matrix
2017-10-12 15:05:28 -07:00
Michael Haag
87743faf73
Discovery
+ Added a Discovery bat file to run all the things at once. Generally, none of this activity is deemed "evil" as it is recon activity. Seeing it all run at once should be suspect to anyone.
+ Updates to two discovery files.
2017-10-12 10:35:44 -07:00
caseysmithrc
086c43c191
Update Windows.md
2017-10-12 08:05:08 -07:00
caseysmithrc
da4c415d15
Merge pull request #1 from pwndad/patch-1
Broken links
2017-10-12 08:00:53 -07:00
Roman
09a3c0b2e5
Broken links
due to typos
2017-10-12 11:21:14 +02:00
Michael Haag
4d6d676be5
Cleanup
Small adds and changes
2017-10-11 20:27:24 -07:00
caseysmithrc
623ba37c58
Update Windows.md
2017-10-11 10:47:01 -07:00
caseysmithrc
479acc3aa8
Update Windows.md
2017-10-11 10:46:12 -07:00
caseysmithrc
07c4d38ce7
Update Windows.md
2017-10-11 10:44:33 -07:00
caseysmithrc
ac8dd2cfec
Initial Commit
Initial Checkin
2017-10-11 10:35:17 -07:00